Messages

121

24.1 Legacy Series / Re: Interface Assignments - Device Missing

« on: September 05, 2024, 09:43:46 am »

Basically what Franco said.

As these are igc we can assume its Intel i225/i226.

You could try to review dmesg if the igc3 is seen there if there is any related message regarding it. If nothing I would try to live boot a linux distro from a USB and check if it sees that specific interface.

But most likely, on first look, it looks like that NIC is gone as its not communicating.

Regards,
S.

122

General Discussion / Re: Internet 2.0 - Powered by OPNsense

« on: September 04, 2024, 09:46:08 am »

...fast forward to 02:49... really an OPNsense ripoff ... by AWS?!?

You know your product is popular and good if a Major Corporation is ripping it off .

Btw OPNsense as such provides a service where you can customize OPNsense with your own logo, scheme, etc. isn't this exactly that?
https://shop.opnsense.com/product/branded-version-of-opnsense/

Regards,
S.

123

Zenarmor (Sensei) / Re: Widget not Showing after update

« on: September 04, 2024, 09:39:39 am »

https://forum.opnsense.org/index.php?topic=42560.0

Regards,
S.

124

General Discussion / Re: Installation on windows

« on: September 03, 2024, 10:14:03 am »

not only will Windows be unusable, Windows will be gone from your disk/SSD if you install OPNsense over it.

But that sounds like a nice improvement... 

I agree, I did last year such improvement on all of my laptops and PCs (as well gaming rig) and I could not be happier.

Regards,
S.

125

24.1 Legacy Series / Re: Requesting help for accessing DNS between 2 interfaces.

« on: September 02, 2024, 06:32:12 pm »

Well there is your problem >

Last login: Mon Sep  2 22:13:36 on ttys000~

% nslookup sw-lab.nerdbit.org
Server:      10.10.100.1
Address:   10.10.100.1#53
** server can't find sw-lab.nerdbit.org: NXDOMAIN

Your DNS server doesnt know those records for these domains.

This PC/Laptop is on LAN network which is on 10.10.100.0/24 Network.
hough not explicity specified, the DNS is 10.10.100.1 (which basically is OPNSense Firewall itself), I do however have adguard running on it, not sure if that will help?

You set the records for domains on the Pihole, but your DNS server for that host is not the Pihole .3 .4 but its the OPnsense that doesn't have these records .1

Regards,
S.

126

24.1 Legacy Series / Re: Requesting help for accessing DNS between 2 interfaces.

« on: September 02, 2024, 05:11:57 pm »

So,

You are using Local DNS records on Pihole that point to NPM as Reverse proxy to the specific Hosts?

Do you have proper MASKs configured on all of these devices? /24
Can your PC from which you try to access the domain resolve the domain? do nslookup sw-lab.nerdbit.org
Is your PC using the DNS that has these local records set?
Do you have proper certificates or wildcart certificate on NPM with domains properly set to use these certs?

That error you got basically means domain can not be resolved

DNS_PROBE_FINISHED_NXDOMAIN is an error that occurs when your DNS fails to resolve the domain name or address. It happens when the Domain Name System (DNS) fails to connect domain names with actual web servers. The NXDOMAIN part stands for Non-Existent Domain.

Regards,
S.

127

General Discussion / Re: Installation on windows

« on: September 02, 2024, 11:06:43 am »

Running OPNsense in VM like this is OK for testing, trying learning.

But if you want to use it as your FW/Router or what ever you need a dedicated machine as mentioned by Patrick. Because you are new to this I advice to get a device and do a Baremetal setup (no Hypervisor), get a small machine install on it OPNsense.

Regards,
S.

128

24.7 Production Series / Re: I would like to make some Services invisible in dashboard

« on: September 02, 2024, 10:54:49 am »

In the old GUI the Services widget did had a possibility to hide and show you wanted if I remember correctly.

Maybe with time it will be implemented to the new widget as well.

Regards,
S.

129

24.7 Production Series / Re: Weird CPU utilization since 24.7.2

« on: September 02, 2024, 10:11:38 am »

In regards of OP issues.

I did check the RRD just for funzies (I went from .1 to .3). And yes there is a increase of CPU utilization seen in RDD but the difference is like 4% for the System when comparing 24.7.1 vs 24.7.3. No changes for the "User"

These are negligible values actually such increase I would expect as we went to a newer version of FreeBSD and a lot of stuff is happening. So some increase here is expected.

However OP show much higher Utilization values and specifically for the User space. Check top and find out what process is doing it. Its very hard to say what is causing this without knowing of your implementation.

Like what are you running:
1. Any huge Aliases lists?
2. Any routing protocol
3. IPv4 or IPv6 (Static, DHCP, etc.)
3. Etc.

Regards,
S.

130

24.7 Production Series / Re: Pings through WAN interface not working (broken in 24.7.1-.3)

« on: August 30, 2024, 09:54:00 am »

Same here,

Currently I am on 24.7.1 pinging (ICMP PING) the a specific IPv4 private or public destination from LAN is working.

ping 8.8.8.8

Pinging 8.8.8.8 with 32 bytes of data:
Reply from 8.8.8.8: bytes=32 time=15ms TTL=114
Reply from 8.8.8.8: bytes=32 time=17ms TTL=114
Reply from 8.8.8.8: bytes=32 time=22ms TTL=114
Reply from 8.8.8.8: bytes=32 time=13ms TTL=114

Ping statistics for 8.8.8.8:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 13ms, Maximum = 22ms, Average = 16ms

ping 1.1.1.1

Pinging 1.1.1.1 with 32 bytes of data:
Reply from 1.1.1.1: bytes=32 time=14ms TTL=55
Reply from 1.1.1.1: bytes=32 time=15ms TTL=55
Reply from 1.1.1.1: bytes=32 time=13ms TTL=55
Reply from 1.1.1.1: bytes=32 time=12ms TTL=55

Ping statistics for 1.1.1.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 15ms, Average = 13ms

Regards,
S.

131

24.7 Production Series / Re: System >> Routes failing after reboot

« on: August 29, 2024, 10:17:43 am »

So you have same /24 subnet on two different Routers/OPnsense boxes?


What I was asking is if the GW used for this static is the WG interface on the OPNsense of the otherside. And if when the route is not installed if there is a route & ARP entry visible towards that GW itself.

Because as I was talking about recursive lookup, there should be at least 3 routes.
1. The static route one for Destination 192.168.100.100 pointing over interface WG & Gateway set for static
2. A route showing how to reach the Gateway
3. A route showing which interface is the egress for this GW

Regards,
S.

132

24.7 Production Series / Re: System >> Routes failing after reboot

« on: August 28, 2024, 06:14:00 pm »

When we stick to the base concept of routing and routes itself.

A route will be put into uRIB (unicast routing table) only in case the destination where its pointing to is reachable. E.g we have that specific destination in the route table and we are able to do recursive lookup.

Example:

Source A wants to go to destination M

1st lookup:
Destination M is reachable using static route over Gateway B

2nd lookup:
Destination B is reachable over C

2nd lookup:
Destination C is reachable over XYZ

etc.

This is happening until the router in this case OPNsense will not hit such a recursive lookup that will point it to an Egress Interface.

So my question now is, when you dont have the route present in the route table. Does OPNsense know where is the GW of that static route? Do you have it in ARP & Router table?

Regards,
S.

133

24.7 Production Series / Re: System >> Routes failing after reboot

« on: August 28, 2024, 05:55:33 pm »

I believe the route should be back.

How is your GW configured, is the monitoring turned on that GW? Do you have the proper Egress interface set?

I had few years ago similar issue with static route. Where in my case I did migrate off to VLANs but forgot to change the EGRESS interface on the GW to the VLAN and instead let it on the LAGG which wasn't L3. Each reboot or Interface flap I lost the route and had to manually apply it. After time a realized I actually forgot to change it (STUPID ME).

Regards,
S.

134

24.7 Production Series / Re: System >> Routes failing after reboot

« on: August 28, 2024, 04:07:38 pm »

So you have a static route that point thru the WG tunnel?

Most likely that's the problem, if WG is not yet up the route tries to point towards a GW into something that is not yet existing or up, than you may hit this problem.

A static route can not be put into a route table if the egress interface is not existing (or down). How is your GW configured onto which you point the static route? Does it use tracking (dping)?

Regards,
S.

135

General Discussion / Re: Germany investing into FreeBSD

« on: August 26, 2024, 09:59:38 pm »

If this will not shut up the ppl yelling BSD is dead then I really don't know what else could...

Thanks for posting this, actually it made my mood a lot of better today (Mondays with 100+ email when you take 2 days off from work xD).

Regards,
S.